package cn.itsource.zuul1020.resource;


import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.jwt.JWTUtil;
import cn.itsource.util.RedisService;
import cn.itsource.zuul1020.config.LoginTypeEnum;
import cn.itsource.zuul1020.config.SecurityConfigProperties;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/**
 * @author: hong
 * @Description:
 * @Date: Created in 17:36 2020-08-31
 * @Modified: By:资源服务器
 */
@Component
@Slf4j
public class ResourceService {
    @Autowired
    SecurityConfigProperties configProperties;
//    @Autowired
//    RulesFeignClient rulesFeignClient;
    @Autowired
    RedisService redisService;
//    @Autowired
//    PlBaseRoleFeignClient plBaseRoleFeignClient;

    AntPathMatcher antPathMatcher = new AntPathMatcher ();

   public boolean hasPermission(String requestUrl,String authentication){

       if (this.hasNotNeedAuthority (requestUrl)) return true;
       boolean b = this.hasRolePermission (authentication, requestUrl);
       log.info ("通过角色判断该url:{}是否放行:{}",requestUrl,b);
       return b;
   }
    public boolean excludeUrls(String requestUrl){
        Set<String> excludeUrls = configProperties.getExcludeUrls ();
        log.info ("excludeUrls为:{}",excludeUrls);
        return this.IncludeUrl (excludeUrls,requestUrl);
    }
    /**
     * 判断当前url是否为不需要认证的资源
     * @param requestUrl
     * @return
     */
    private boolean hasNotNeedAuthority(String requestUrl){
        //这里获取到的是需要登录 ,但是不需要查表的权限
        Set<String> notNeedAuthority = configProperties.getNotNeedAuthority();
        return this.IncludeUrl (notNeedAuthority,requestUrl);
    }


    /**
     * 判断当前url是否属于当前角色的资源
     * @param authentication
     * @return
     */
    private boolean hasRolePermission(String authentication,String requestUrl){
        HashSet<String> urls = new HashSet<> ();
      //  String accountId = GlobalAuthorizationUtil.getAccountId (authentication);
      //  String type = GlobalAuthorizationUtil.getType (authentication);
        //String key = RedisConstant.User.userKey (type);
        switch (LoginTypeEnum.PLATFORM){

            case TENANT:
               // TeUser teUser = (TeUser)redisService.get (key+ accountId);
           // List<String> baseRulesByBaseRoleId = plBaseRoleFeignClient.getBaseRulesByBaseRoleId (new BaseRoleDTO (teUser.getRoleArray (),teUser.getCompanyId ()));
            //urls.addAll (new HashSet<> (baseRulesByBaseRoleId));
                break;
            case PLATFORM:
                //PlUser plUser = (PlUser)redisService.get (key+ accountId);
//                for (Integer id :  plUser.getRoleArray ()){
//                 //   List<String> rulesByRoleId = rulesFeignClient.getRulesByRoleId (id);
//                    urls.addAll (new HashSet<> (rulesByRoleId));
//                }
                break;
            case CUSTOMER:
                break;
            default:
        }


        //拿到权限集合来判断
        return this.IncludeUrl (urls,requestUrl);
    }

    private boolean IncludeUrl(Set<String> urls, String requestUrl){
        log.info ("获取到的所有的url:{}",urls.toString ());
        if (CollectionUtil.isNotEmpty (urls)) {
            return urls.stream ().anyMatch (s -> antPathMatcher.match (s,requestUrl));
        }
        return false;
    }


}
